from the sadface dept

Several years ago, in an unfortunate display of police bending the knee to the copyright industries, Swedish law enforcement raided the offices of Undertexter, a site chiefly dedicated to fan translations for subtitles of films. While these fan translations have been handcuffed to film piracy -- mostly through the messaging efforts of film and television content producers -- the raid registered as an extreme escalation in the battle on subtitles. Most folks have a hard time understanding why such action was taken, with most fan translations only being useful due to the content makers underserving parts of the earth that speak a variety of languages. These fan translations mostly open up those markets for makers of movies and television who have otherwise chosen not to translate their work into the relevant languages.

For its part, Undertexter vowed to fight the legal action, proclaiming its work non-infringing by virtue of serving up mere dialog translations.

Undertexter.se has had a police raid this morning (July 9) and servers and computers have been seized, and therefore, the site is down. We who work on the site don't consider an interpretation of dialog to be something illegal, especially not when sharing it for free. Henrik Pontén [the copyright industry's primary henchman in Sweden], who is behind the raid, disagrees. Sorry Hollywood, this was the totally wrong card to play. We will never surrender. [...] We must do everything in our power to stop these anti-pirates. [...]

The Attunda District Court sentenced the now 32-year-old operator to probation. In addition, he has to pay 217,000 Swedish Kroner ($27,000), which will be taken from the advertising and donation revenues he collected through the site.

While there were millions of subtitles available on Undertexter, only 74 movies were referenced by the prosecution. These were carefully selected to ensure a strong case it seems, as many of the titles weren’t commercially available in Sweden at the time.

During the trial, the defense had argued that the fan-made subtitles are not infringing since movies are made up of video and sound, with subtitles being an extra. However, the court disagreed with this line of reasoning, the verdict shows.

What ultimately happened here is that Undertexter had translations for a few films available legitimately in Sweden and the prosecution proceeded to essentially pretend like those films were the whole story. The reality is that sites like Undertexter are primarily useful because those legitimate options, including the relevant language translations, are not available. Sites like this are used by many who buy movies and television and then apply the fan-subs afterwards. Customers who would, in other words, not be able to be customers if not for the fan-subs. The piracy portion of these subtitles is incidental to the mission, in other words, but the copyright industries in Sweden claimed that piracy was really the whole point.

On the other hand, one wonders exactly how much Swedish tax money was spent to bring a guy who ran a subtitle site to the tune of probation and $27,000? Is this really the best use of everyone's time?

from the if-you-can't-do-it-right,-why-not-do-it-fraudulently? dept

Solvera -- a reputation management firm allegedly engaging in legal fraud to delist criticism -- is facing multiple legal problems as a result of its highly-questionable services. In late August, the Texas Attorney General filed a complaint against the company, alleging it defrauded courts by filing bogus defamation lawsuits on behalf of possibly-unaware clients, utilizing duped lawyers with bogus statements from fake defendants.

This sort of behavior has been uncovered in recent months through investigations by Paul Alan Levy of Public Citizen and lawprof/blogger Eugene Volokh. It has also been revealed through independent research by Pissed Consumer, an obvious target of these unsavory (and illegal) reputation management tactics.

Pissed Consumer is also going against Solvera. It has sued the company in Contra Costa County, California -- Solvera's backyard -- along with a number of other firms in the reputation management business and the companies they've created to act as plaintiffs in bogus defamation lawsuits.

It's pretty much identical to the lawsuit Pissed Consumer filed last year against a number of defendants, including the lawyers whose name appeared on the bogus paperwork: Mark Lapham and Owen Mascott. The previous lawsuit referenced Nevada Corporate Headquarters -- the apparent origin point of some of these bogus lawsuits -- but the latest adds Solvera as a defendant.

It also places much of the alleged blame on the embattled rep management firm. From the filing [PDF]:

Plaintiff is informed and believes and based thereon alleges that Defendant Solvera Group, Inc. (“Solvera”) is a California corporation incorporated under the laws of California, and orchestrated some or all of these schemes of fake litigation to remove consumer reviews.

The allegations are repeated numerous times, thanks to the long list of defendants. But here's one rundown of the rep management scam, apparently involving Solvera and the two California lawyers.

Plaintiff is informed and believes and based thereon alleges that Defendant Solvera or Doe Corporation, operating as a reputation management company, conceived of the plan and organized the cooperation of Hair Solutions, Radonich, and Owen T. Mascott to bring the plan to fruition.

Since September 2010, at least 949 individuals have posted complaints about Keranique on PissedConsumer.com. Additionally, numerous comments have been posted by third parties in response to those complaints. The majority of the comments have been negative.

Plaintiff is informed and believes and based thereon alleges that at the bequest of Defendant Solvera or Doe Corporation and with the full cooperation of Defendant Radonich, Mr. Mascott filed a complaint on behalf of Hair Solutions against Radonich for defamation.

In the underlying action the conspirators sought only injunctive relief. Specifically, the complaint requested an injunction that Radonich be “ordered to take all action, including but not limited to, requesting removal from the Internet search engines including Google, Yahoo!, and Bing of all defamatory, disparaging, libelous, and false statements about Plaintiff that Defendant has posted on the Internet.”

Mr. Mascott filed the Complaint on January 7, 2016. On information and belief, at all relevant times Mascott knew that Radonich was not the author of the statements at issue in the Radonich Case, and thus was not a proper defendant in that case.

Shortly thereafter, on January 13, 2016, Mascott filed a Stipulation for Final Judgment and Permanent Injunction with the Superior Court, containing a jurat from Radonich dated January 9, 2016. (See Exhibit 5.) On information and belief, Mascott coordinated with Radonich as Radonich’s attorney in acquiring this stipulation, such that he simultaneously represented both parties in the Radonich Case.

Having obtained a stipulated injunction from the Court, the conspirators then approached various search engines including, on information and belief, Google, Yahoo!, and Bing and requested that those search engines deindex the pages of Pissed Consumer. Instead of limiting the deindexing to the pages that contained statements Radonich claimed to have posted, the request to deindex included all web pages with entries about Keranique.

By engaging in this scheme, Defendant Conspirators obtained a court order under false pretenses and used the court order to persuade popular search engines to deindex every statement about Keranique, including the First Amendment protected statements of opinion and true fact posted by other individuals who were not a party to the underlying action.

And on it goes for several pages, detailing reputation management companies creating sham companies and bogus defendants -- with the apparent assistance of cooperative lawyers -- to delist content for paying clients. Whether or not clients actually knew this was happening remains to be seen, but the Texas AG's complaint claims Solvera lied to both its customers and the lawyers it used about the lawsuits it was filing. However, the two lawyers named here appear to have been complicit in the scheme, although they may never have been used directly by Solvera.

Needless to say, Google has stepped up its rejections of questionable court orders targeting protected speech. The increased scrutiny makes this fraudulent scheme less of a sure thing for shady reputation management companies. In Solvera's case, nuking criticism with fraudulently-obtained court orders was apparently big business, with its owner claiming to charge $50,000-$100,000 for this delisting service. (He's also a fan of Right to Be Forgotten, which makes cosmic sense but not business sense.) Hopefully, Solvera socked some of that cash away. It's got a lot of people to answer to.

from the invisible-barriers dept

Over the last few years, you may have noticed that Verizon is attempting a pivot from stodgy old telco to sexy new advertising juggernaut. Part of that effort has involved refusing to upgrade its lagging DSL infrastructure in countless towns and cities as it shifts its focus toward wireless and using its AOL and Yahoo acquisitions to sling videos and advertisements at Millennials. To justify its failure to upgrade its fixed-line network during this period (something it's being sued for by cities like New York), Verizon has long proclaimed that wireless is a "good enough" replacement for fixed-line alternatives.

But the company is now inadvertently highlighting just how not-ready for prime time wireless connections truly are. Verizon has been taking heat over the last few weeks for kicking thousands of customers off of its wireless network in more rural areas. Why? The company insists these customers (at last count 8,500 customers utilizing 19,000 lines across 13 states) are being kicked off the Verizon wireless network for using a "substantial" amount of data. But Verizon is refusing to tell these users what "substantial" actually means, after marketing "unlimited" data plans to these users for much of the year:

Verizon said in June that it was only disconnecting "a small group of customers" who were "using vast amounts of data—some as much as a terabyte or more a month—outside of our network footprint." But one customer, who contacted Ars this week about being disconnected, said her family never used more than 50GB of data across four lines despite having an "unlimited" data plan.

"Now we are left with very few choices, none of them with good service," the customer told us. "I guess small-town America means nothing to these people. It's OK—though I live in a small town, I know a lot of people, and I'm telling every one of them to steer clear of Verizon."

The problems here are multi-faceted. Three years ago, Verizon Wireless launched something called its LTE in rural America program (LTEiRA). Under this program, Verizon partnered with rural carriers to help extend the reach of their networks by letting them lease access to Verizon’s 700MHz Upper C Block spectrum. Several of the companies that worked with Verizon on this program state the company hyped the program, hired companies to help extend the reach of rural networks, then began marketing unlimited data plans to customers in many of these rural areas.

“It appears that Verizon induced these companies to build out in the rural areas around the country and then significantly promoted it by saying that they’re covering the rural areas, when it fact now, after putting those ads out, they’re now not covering the rural areas — in fact, they’re cutting it back,” he says.

And without much advance notice.

“This move caught them completely by surprise and totally blindsided them as it did the customers in the region,” says Jason Sulham, speaking for Wireless Partners LLC."

Again, Verizon isn't bothering to inform these users what "substantial" usage even means, part and parcel of a sector that has long advertised wireless connections as "unlimited," then saddled users with all manner of murky restrictions (part of the reason we have net neutrality rules). Some of the impacted users are telling news outlets they used as little as three gigabytes per month, so there's every indication that Verizon Wireless isn't being honest here as it tries to portray many of these folks as unreasonable data gluttons (which is traditionally par for the course).

"Law enforcement agencies in eastern Maine are criticizing a decision by Verizon Wireless to terminate cell service due to excessive cost. Police say the company’s decision will have an adverse effect on their work, and on the ability of residents to call 911.

Verizon officials remained tight-lipped Wednesday regarding the actual number of dropped customers, which some sources say could be as high as 2,000."

Again, there's nothing particularly revelatory about the fact that delivering wireless broadband to rural markets is expensive. Wireless spectrum is costly (often impossible for smaller companies), as is access to the fiber backhaul needed to feed wireless towers. But Verizon has spent the last decade insisting that freezing its deployment of FiOS fiber connections wasn't a big deal because wireless would be "good enough" for the millions of subscribers left in a lurch. In fact, Verizon found itself repeatedly under fire after Hurricane Sandy for refusing to repair fixed line networks for just that reason.

Verizon's decision to purge thousands of users off of the network for murky reasons comes as the FCC is looking -- largely at Verizon and AT&T's behest -- to weaken the standard definition of broadband to include wireless. The goal: redefine broadband to declare an area competitive and served if wireless is present, justifying institutional apathy toward doing anything about the lack of competition in the space. Granted this effort ignores instances exactly like this one clearly demonstrating that -- even with 5G on the horizon -- wireless is not a magical broadband panacea for under-served areas.

from the ONE-OF-US dept

Another large batch of Snowden docs have been released by The Intercept. The new documents are part of the site's "SID (Signals Intelligence Directorate) Today" collection, a sort of interoffice newsletter featuring discussions of intelligence-gathering efforts the agency has engaged in, as well as more mundane office business.

That's where they're running into problems. This SID Today document [PDF] deals with the IC's personal use of company computers -- namely, the "attribution" problem that develops when outside websites are accessed using IP addresses that can be traced back to the NSA and other IC components.

The IC uses a system called AIRGAP to provide internet access for IC employees while supposedly still preventing outsiders from tracing IP addresses back to sensitive locations. Set up in 1998 by "one of the world's largest internet providers," the system was supposed to provide non-attributable access to the outside internet world.

Unfortunately, as is detailed by the SID Today doc, the execution of AIRGAP was lacking.

One early concern about the firewall was that it funneled all internet traffic through a single IP address, meaning that if any activity on the address was revealed to be associated with U.S. spies, a broad swath of other activity could then be attributed to other U.S. spies. More IP addresses were subsequently added, but “occasionally we find that the ISP reverts to one address, or does not effectively rotate those assigned,” Speight wrote.

Speight added that the “greater security concern” was the very intelligence agents the system was designed to protect. “Despite rules and warnings to the contrary, all too frequently users will use AIRGAP for registering on web sites or for services, logging into other sites and services and even ordering personal items from on-line vendors,” Speight wrote in a classified passage. “By doing so, these users reveal information about themselves and, potentially, other users on the network. So much for ‘non-attribution.'”

It's the sort of simple carelessness that's almost unavoidable in large organizations. The NSA's effort to distance itself from its employees' internet use was thwarted by the ISP's funnel and IC employee sloppiness. As The Intercept points out, this mirrors some of the brainlessness exhibited by Russian hackers, who used a system designed to obscure their origin, but constantly undermined that protection by using the same system to log in to personal social media accounts.

The difference between the two is AIRGAP was just there to open a portal out of the IC's closed system. The Russian's system was designed to obscure the source of attacks. But the personal use of the IC's firewall/AIRGAP is still a violation of internal policy, as the document points out.

Rather than work towards preventing the unpreventable (personal web use), the IC set up another system -- OUTPARKS -- which provided more than 200 random IP addresses, all of which would be registered to an ISP, rather than the IC itself. Confusingly, the new system -- put in place in 2005 -- is also referred to as AIRGAP, primarily because IC employees are creatures of habit and referred to OUTPARKS as AIRGAP despite it being an entirely new, NSA-owned operation.

Ultimately, the document shows NSA employees are just like the rest of us: periodically bored and prone to using work computers for personal reasons.

Some background information is necessary. Some of this can be gleaned from the complaint [PDF], which was put together by Marc Randazza (of First Amendment fame), Ron Coleman (key to the Slants' Supreme Court trademark win), and Jordan Rushie (who has participated in/fought against copyright trolling efforts). Given the litigation credentials behind the filing, it's surprising there's not more to the complaint.

But first, the background:

Gab.ai is the plaintiff in this suit. Gab sprung to life as a Twitter alternative, built in response to a perceived crackdown on alt-right accounts. It's not as though the accusations are false. Twitter has frequently applied its moderation standards unequally, resulting in bans and shadowbans of alt-right accounts. As the lawsuit points out, Twitter removed alt-right figurehead Milo Yiannopoulos verified checkmark -- not because Milo wasn't who he said he was, but because it apparently didn't like him or his millions of followers. Six months later, Twitter banned him for good, citing his harassment of actress Leslie Jones.

So, much like Voat became a Reddit for people who thought Reddit censored too much speech, Gab became Twitter for those who felt Twitter censored too much speech. Gab became a mostly-free alternative Twitter, supported by subscribers, and heavily-populated by alt-right Twitter users.

Gab claims to embrace free speech. It engages in very little moderation of users' content, only culling certain content like child porn, posting of private information, threats, spam, and use of the platform to sell illegal goods. It does not police "hate speech" like Facebook, Twitter, and Google do. It's the last part that bothers Google. Or at least that's the stated reason for Google's ban of Gab from its app store.

But this wasn't Gab's first app store ban. Apple blocked it twice, first citing pornographic content as the reason. (Obviously, Twitter allows pornographic posts and yet remains available in the iOS app store...) Gab added porn-blocking by default but was rejected again by Apple, with the company pointing to its rules on hate speech.

Pretty much the same thing happened with Google. Google claimed Gab did not include a "sufficient level of moderation" and did not act to remove content "encouraging violence and hate against groups of people."

Gab's response to Google's ban pointed out it shouldn't need to police speech that isn't actually unlawful just to stay in Google's app store graces. Roughly a month after Google's decision, Gab has sued. What should probably have been left to public shaming of Google for belatedly distancing itself from Gab's social media construct has now become a plea for federal intercession.

The lawsuit runs down the history of Gab, as well as Twitter's shutdown of prominent alt-right/white supremacist accounts. The antitrust action appears to be limited to Google's partnership with Twitter. Google now has access to Twitter's "firehose" -- all public posts from all Twitter users in real time. This allows Google to return tweets in its search results.

Apparently, this partnership -- combined with Google's domination of Android app services -- is evidence of Google's anticompetitive behavior. The problem with the argument is Google's unwieldy application of its app store policies doesn't appear to be Google attempting to eliminate a competitor. Gab doesn't directly compete with Google+. If anything, it's a Twitter competitor. Google's only interest in Twitter is better search results. Kicking Gab out of the app store doesn't remove its web presence, nor does it prevent Gab users from downloading the app directly from Gab itself.

Much is made of the danger of sideloading apps. And it's true sideloading poses greater risks to Android users, especially if they're careless with their sources. While this behavior is somewhat discouraged by the Android system during phone setup, the option to sideload can be turned on and off as needed to allow the installation of apps not included in Google's Play store.

The lawsuit makes better points about removal from the Play store having deleterious financial effects on Gab, including the loss of ad placements in Google store and targeted ad campaigns utilizing Google's tools to find new app users.

Included in the filing are several reasons why Gab's removal is inconsistent with Google's own app policies. But that doesn't turn this into an anticompetitive act on Google's part. The end result may be indistinguishable but there are plenty of innocuous reasons for the app's removal that have nothing to do with Google killing Gab to protect its partnership with Twitter.

But that's pretty much what the filing hopes the judge will find. Google's history of anticompetitive behavior is detailed in the lawsuit, as well as its forays into patent enforcement. Twitter's inconsistent application of its policies to shut down alt-right accounts is also detailed, providing evidence of nothing, considering Twitter isn't party to this lawsuit.

Hidden in all of this are two paragraphs on Section 230 which misconstrue protections afforded to entities like Gab.

Even if it were possible for a social media platform to censor "defamatory and mean-spirited content" generated by 250,000 users, a level of content censorship by a social media platform that extended to "defamatory" and "mean-spirited" content place at risk that service's status as a protected Internet Service Provider, as opposed to a publisher or speaker, under 47 U.S. Code § 230, also known as Section 230 of the Communications Decency Act ("CDA").

Unlike an Internet Service Provider, a publisher or speaker is not granted the "safe harbor" benefits of Section 230, and may be held liable for defamation or other torts or other liability arising from content published on a platform it owns or manages.

This assertion greatly misconstrues how Section 230 protections work. This would be worth noting in any case, but especially so since it involves Marc Randazza, who has penned screeds pointing out the opposite: moderation efforts by ISPs do not undermine Section 230 protections.

I do delete comments from time to time. If I notice them and they are “excessively violent” or “harassing” or “otherwise objectionable,” I delete them. Why? First, its my blog, so my fucking rules. You have a right to express yourself, but not necessarily here. Second, I have absolutely no doubt in my mind that I can delete one comment and leave 100 filthy, objectionable, harassing, defamatory, nasty, and brutish comments and still not be liable.

Section 230 has been a wonderful thing. It has allowed the Internet to grow, and allowed services like Facebook, Craigslist, Fling.com, Pissedconsumer.com, and any number of other fun websites to exist. It allows me to have a comments section on each post, without worrying about whether I’ll be liable for something posted there. It does foster free speech online. So hooray Section 230.

And the relevant part of Section 230, being brushed aside here to portray Gab's lack of moderation as somehow being essential to its 230 protections:

No provider or user of an interactive computer service shall be held liable on account of—

(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected…

Indeed, it's this very part of CDA 230 that likely will help Google get this lawsuit tossed. Under widely established precedents concerning CDA 230, Google is free to moderate its platform -- in this case, the Android Play Store -- however it likes, without increasing its own liability. To misrepresent CDA 230 by saying that moderation takes away CDA 230 protections... and then ignoring that those same protections probably prevent this lawsuit is just strange.

This is a bizarre lawsuit, to say the least. It almost looks like a proxy salvo in the ongoing war between the "Alt-Right" and the "Establishment Left," which is no longer political parties in power but West Coast tech companies shutting down speech they don't like.

The problem is, Google can legally police speech however it wants. It pays the price in goodwill and public perception, but arbitrary enforcement of app store policies isn't the same thing as antitrust violations, even if the end result is the death of apps and platforms.

At the end of it, we're left with a lawsuit that serves mostly to cater to its base: pissed off Gab users. That's fine, if that's all you want from your legal representation. Google's booting of the Gab app isn't any more correct than this resulting lawsuit. It's a move that caters to its base: progressives who feel speech they don't like shouldn't be allowed anywhere.

Google's motivations for the shutdown are probably as simplistic as they are inexcusable: Google simply didn't want to be known as the place where people could go to get the Gab app. Apple's earlier rejection relegated it to the Android ghetto and Google is engaging in broken windows policing. It's ugly all over and it does nothing to reconcile diametrically-opposed thinking, but it's not anticompetitive. It's just stupid.

from the good-deals-on-cool-stuff dept

Express your style while maximizing your multitasking ability with the CASA 6-port hub. This versatile and aesthetically pleasing USB Type-C hub is designed to meet your every need. You can charge any device you need using two USB 3.1 Type-A ports or a USB 3.1 Type-C port. It can connect with HDMI projectors to display a 4K presentation or act as an external ethernet link, and includes an SD card reader. The 6-port hub is available in multiple colors for only $79.99.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

from the sorry,-progress-is-illegal dept

You may have noticed that the shift to solar is happening whether traditional utilities like it or not, and attempting to stop solar's forward momentum is akin to believing you can thwart the Mississippi with a fork and a few copies of Mad Magazine. Said futility clearly hasn't discouraged Florida utilities, who have gone to numerous, highly-creative lengths to try and hinder or curtail solar use. When last we checked in with legacy Florida utilities, they were busy using entirely fake consumer groups to push a law that professed to help the solar industry while actually undermining it.

Fortunately Florida consumers ultimately saw through this effort, though this was just one of a steady stream of similar bills aimed at stalling progress. Many Florida Power and Light customers obviously lost power in the wake of the devastation caused by Hurricane Irma, despite promises by the company that endless rate hikes would help harden the utilities' lines. But customers thinking they could use the solar panels on their roofs to help keep themselves afloat until traditional power was restored were in for a rude awakening.

"FPL's lobbying wing has fought hard against letting Floridians power their own homes with solar panels. Thanks to power-company rules, it's impossible across Florida to simply buy a solar panel and power your individual home with it. You are instead legally mandated to connect your panels to your local electric grid. More egregious, FPL mandates that if the power goes out, your solar-power system must power down along with the rest of the grid, robbing potentially needy people of power during major outages.

In the broadband industry, we consistently let giant incumbents like Comcast and AT&T write shitty protectionist state laws -- then stand around with a dumb look on our collective faces wondering why U.S. broadband is shitty and expensive. The same problem plagues the utility sector across countless states. In Florida, the average household spends $1,900 a year on power, 40% higher than the national average. Yet incentives or other measures designed to spur solar power adoption are either absent or illegal, in large part thanks to utility lobbying.

Needless to say, Irma appears to be acting as a wake up call to Florida utility customers unfamiliar with how the American lobbying and political system actually works:

Another reader emailed me complaining her daughter's utility wouldn't let her & her 8 y/o son power their home with solar panels after Irma pic.twitter.com/eYQIYHlEej

The problem, again, is that legacy companies across numerous sectors are very effective at using partisan patty cake to convince consumers to root against their own best self interests. That's why Florida, a state perfectly suited to take advantage of solar power, remains well behind the curve when it comes to solar adoption. And again, that's courtesy of folks like State Representative Ray Rodrigues, who takes notable campaign contributions from utilities like FPL, then consistently fields bills that profess to aid the solar revolution while covertly sabotaging what should be the obvious path forward.

According to documents provided by NSA whistleblower Edward Snowden, the spy agency formed a research group dedicated to studying peer-to-peer, or P2P, internet traffic. NSA didn’t care about violations of copyright law, according to a 2005 article on one of the agency’s internal news sites, SIDtoday. It was trying to determine if it could find valuable intelligence by monitoring such activity.

But it appears the NSA found very little worth observing.

“By searching our collection databases, it is clear that many targets are using popular file sharing applications,” a researcher from NSA’s File-Sharing Analysis and Vulnerability Assessment Pod wrote in a SIDtoday article. “But if they are merely sharing the latest release of their favorite pop star, this traffic is of dubious value (no offense to Britney Spears intended).”

The info in the SID Today publication [PDF] is a bit dated, as it shows BitTorrent trailing applications like eDonkey and KaZaa. Even though it was mostly popular albums traversing the internet pipes, the NSA still formed a File-sharing Analysis and Vulnerability Assessment (FAVA) "pod" to poke away at the infrastructure and search the shared files for data of national security interest. To do this, it had to strip away the layers of protection lying between the NSA and the contents of the files.

As many of these applications, such as KaZaA for example, encrypt their traffic, we first had to decrypt the traffic before we could begin to parse the messages. We have developed the capability to decrypt and decode both KaZaA and eDonkey traffic to determine which files are being shared, and what queries are being performed.

Breaking the encryption allowed the NSA to peer into users' computers via their shared folders, as well as harvest email addresses, country codes, user names, and lists of recent searches.

Even so, there was little actual intelligence to be gathered from the most popular file sharing applications of a decade ago. But that laid the groundwork for further examination of file sharing for national security reasons. A program called GRIMPLATE tracked BitTorrent use by Defense Dept. employees, checking to see if any of the swarms travelling in and out of the DoD's safe spaces was "malicious" -- a definition that presumably covers DoD employee exfiltration of sensitive files as well as possibly-harmful programs being downloaded to DoD computers.

The page describes DIRTY RAT, a GCHQ web application used by analysts that at the time had “the capability to identify users sharing/downloading files of interest on the eMule (Kademlia) and BitTorrent networks. … For example, we can report on who (IP address and user ID) is sharing files with ‘jihad’ in the filename on eMule. If there is a new publication of an extremist magazine then we can report who is sharing that unique file on the eMule and BitTorrent networks.”

The RAT was also tasked with gathering info to be shared with law enforcement. Child porn is name-checked in the document, as are the London Metro Police and FBI. But GCHQ wasn't interested in merely collecting info on users sharing illicit content. It also wanted to use the sharing platforms for malware delivery.

A tool called PLAGUE RAT “has the capability to alter the search results of eMule and deliver tailored content to a target,” the wiki article states. “This capability has been tested successfully on the Internet against ourselves and testing against a real target is being pursued.”

File sharing hasn't gone away, so it's indisputable both agencies are still eyeballing BitTorrent traffic. Considering a number of exfiltrated docs/software have been shared via the service, there are probably files of national security interest circulating along with movies, music, and games.

from the public-money,-public-code dept

Why is software created using taxpayers' money not released as Free Software?

And goes on:

We want legislation requiring that publicly financed software developed for the public sector be made publicly available under a Free and Open Source Software licence. If it is public money, it should be public code as well.

It certainly seems pretty ridiculous that code written for public bodies, whether by external companies or contractors paid by the public purse, or produced internally, should not be released as free software. But aside from this being a question of fairness, the FSFE lists other reasons why it makes sense:

Tax savings

Similar applications don't have to be programmed from scratch every time.

Collaboration

Efforts on major projects can share expertise and costs.

Fostering innovation

With transparent processes, others don't have to reinvent the wheel.

An open letter on the site, supported by dozens of organizations and open for individual signatures, provides a few more:

Free and Open Source Software is a modern public good that allows everybody to freely use, study, share and improve applications we use on a daily basis.

Free and Open Source Software licences provide safeguards against being locked in to services from specific companies that use restrictive licences to hinder competition.

Free and Open Source Software ensures that the source code is accessible so that backdoors and security holes can be fixed without depending on one service provider.

Considered objectively, it's hard to think of any good reasons why code that is paid for by the public should not be released publicly as a matter of course. The good news is that this "public money, public code" argument is precisely the approach that open access advocates have used with considerable success in the field of academic publishing, so there's hope it might gain some traction in the world of software too.